summaryrefslogtreecommitdiff
path: root/zebra/ipforward_sysctl.c
diff options
context:
space:
mode:
Diffstat (limited to 'zebra/ipforward_sysctl.c')
-rw-r--r--zebra/ipforward_sysctl.c73
1 files changed, 28 insertions, 45 deletions
diff --git a/zebra/ipforward_sysctl.c b/zebra/ipforward_sysctl.c
index cdf426b9b8..74a178e59c 100644
--- a/zebra/ipforward_sysctl.c
+++ b/zebra/ipforward_sysctl.c
@@ -26,6 +26,7 @@
#include "zebra/ipforward.h"
#include "log.h"
+#include "lib_errors.h"
#define MIB_SIZ 4
@@ -53,16 +54,12 @@ int ipforward_on(void)
int ipforwarding = 1;
len = sizeof ipforwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn("Can't set ipforwarding on");
- return -1;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
+ zlog_warn("Can't set ipforwarding on");
+ return -1;
+ }
}
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
return ipforwarding;
}
@@ -72,16 +69,12 @@ int ipforward_off(void)
int ipforwarding = 0;
len = sizeof ipforwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn("Can't set ipforwarding on");
- return -1;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) {
+ zlog_warn("Can't set ipforwarding on");
+ return -1;
+ }
}
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
return ipforwarding;
}
@@ -100,16 +93,12 @@ int ipforward_ipv6(void)
int ip6forwarding = 0;
len = sizeof ip6forwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn("can't get ip6forwarding value");
- return -1;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) {
+ zlog_warn("can't get ip6forwarding value");
+ return -1;
+ }
}
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
return ip6forwarding;
}
@@ -119,16 +108,13 @@ int ipforward_ipv6_on(void)
int ip6forwarding = 1;
len = sizeof ip6forwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn("can't get ip6forwarding value");
- return -1;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len)
+ < 0) {
+ zlog_warn("can't get ip6forwarding value");
+ return -1;
+ }
}
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
return ip6forwarding;
}
@@ -138,16 +124,13 @@ int ipforward_ipv6_off(void)
int ip6forwarding = 0;
len = sizeof ip6forwarding;
- if (zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
- if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) {
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
- zlog_warn("can't get ip6forwarding value");
- return -1;
+ frr_elevate_privs(&zserv_privs) {
+ if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len)
+ < 0) {
+ zlog_warn("can't get ip6forwarding value");
+ return -1;
+ }
}
- if (zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
return ip6forwarding;
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-25 09:28:43 +0000